Swiss logistics company Trans Maritime AG was compromised by LockBit
Trans Maritime AG specializes in European land transport and is considered the absolute market leader in the Great Britain/Ireland and Benelux countries. It was attacked by LockBit ransomware, the breach was confirmed on March, 21. The attack vector was most likely spear-phishing, malicious scripts and RDP access via stolen credentials. Indirect damage can be estimated at dozens of millions of dollars.
Overall, in March, Acronis threat intelligence saw quite a high threat level in Switzerland, with 24.0% of users experiencing at least one malware detection during the month and 11.9% trying to visit a malicious URL at least once.
Spanish IT consultancy agency SolucionesSL was Redteam ransomware victim
It was confirmed on March 28 that SolucionesSL, a midsize consultancy agency that works on helping other companies transition to new technologies, was compromised by Redteam ransomware. The company works in the IT Consulting sector and has a revenue of around $5 million. The suspected vector of attack is an infected email attachment.
Acronis threat intelligence saw a high threat level in Spain during March, with 40.5% of users experiencing at least one malware detection during the month and 15.5% trying to visit a malicious URL at least once.
Denmark-based Concept Data was hit by Play ransomware
We didn’t see ransomware cases disclosed in Denmark in March 2024. The most recent attack was the one on Concept Data, a company with over 20 years of experience with Microsoft Dynamics C5 financial management, which offers nationwide service and support assistance and documented C5-certified consultants. It was attacked by the Play gang, which was confirmed on December 21, 2023. It was compromised supposedly due to leaked passwords and phishing email. As a result, attackers exfiltrated data containing private and personal confidential data, clients’ documents, budgets, taxes, finance information, etc.
Acronis threat intelligence saw a moderate threat level in Denmark during March, with 15% of users experiencing at least one malware detection during the month and 14.2% trying to visit a malicious URL at least once.
TechNet Kronoberg AB of Sweden hit by BianLian ransomware attack
TechNet Kronoberg AB sells and develops customized IT system solutions based on an innovative product portfolio for the private sector. It was attacked with the help of compromised remote desktop protocol (RDP) credentials by BianLian, and that information was disclosed on February 9. As a result, attackers exfiltrated 278 GB of files including invoices, receipts, accounting documents, personal data, certificates, employment contracts, confidentiality agreements, personal files, etc.
Acronis threat intelligence saw a moderate threat level in Sweden during March, with 14.1% of users experiencing at least one malware detection during the month and 10.8% trying to visit a malicious URL at least once.
Belgium-based consulting agency MIREL attacked by low-profile ransomware group DoNex
Belgium-based MIREL provides services for businesses and job seekers. MIREL benefits from cofinancing from the European Union (FSE+). They were attacked by DoNex ransomware, which was published on Tor on February 27 and confirmed on March 8. The attack vector was most likely spear phishing. And the impact was that 19 GB of data was leaked, including financial, personal, emails, forms and other information.
According to Acronis threat intelligence, Belgium was not a safe place in terms of cyberthreats during March, with 21.6% of users experiencing at least one malware detection during the month and 13.4% trying to visit a malicious URL at least once.